package org.dim.oa.controller;

import lombok.SneakyThrows;
import org.dim.oa.po.ServerResponse;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@CrossOrigin(maxAge = 3600)
@RestController
@RequestMapping("/role")
public class RoletestCtrl {

    @GetMapping("/aaa")
    @PreAuthorize("hasRole('headerman')")
    public String aaa(){
        return "sucess.........aaa";
    }

    @GetMapping("/bbb")
    public String bbb(){
        return "sucess.........bbb";
    }

    @SneakyThrows
    @GetMapping("/ccc")
    @PreAuthorize("hasRole('employee')")
    //@PreAuthorize("hasRole('ROLE_employee')")
    /**
     * 以上两种写法都ok，注意：GrantedAuthority au = new SimpleGrantedAuthority(roleName);
     * 这里的roleName必须有前缀ROLE_,
     */
    public ServerResponse ccc(){
        return ServerResponse.success("/role/ccc,sucess.........ccc");
    }
}